CVE-2012-1175

Name of the Vulnerable Software and Affected Versions GNU Gnash version 0.8.10

Description The issue is caused by an integer overflow in the GnashImage::size method, which can be triggered by a crafted SWF file. This can lead to a denial of service (crash) and potentially allow the execution of arbitrary code due to a heap-based buffer overflow.

Recommendations For GNU Gnash version 0.8.10, consider updating to a newer version that addresses this issue, as using a crafted SWF file can trigger the overflow. As a temporary workaround, restrict the use of SWF files from untrusted sources to minimize the risk of exploitation.